General
-
Target
970da0a6f46a8b1f81c5694d917aade36a5bd4e611e6d27834c508a251cb37e6N.exe
-
Size
135KB
-
Sample
241113-a1fjzsteqg
-
MD5
7c4fd558b0c914b2680e9abef4e7aec0
-
SHA1
60ac2b35a360dd0b056e5d9a0f1ee229ee5fdf53
-
SHA256
970da0a6f46a8b1f81c5694d917aade36a5bd4e611e6d27834c508a251cb37e6
-
SHA512
4b56fb8643bd83a8a2e0ac2ab715353331fdb8b58f2e15ea51e78e2057295a0af6d59dba22c6abe871f4b4b7a1605bbc9e237b8663b2a59b9e708fc9b96f6f54
-
SSDEEP
1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOQ:YfU/WF6QMauSuiWNi9eNOl0007NZIOQ
Behavioral task
behavioral1
Sample
970da0a6f46a8b1f81c5694d917aade36a5bd4e611e6d27834c508a251cb37e6N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
970da0a6f46a8b1f81c5694d917aade36a5bd4e611e6d27834c508a251cb37e6N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
970da0a6f46a8b1f81c5694d917aade36a5bd4e611e6d27834c508a251cb37e6N.exe
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-